Join one of the world's most influential companies and leverage your skills in cybersecurity to have a real impact on the financial industry.

As a Lead Cybersecurity Architect at JPMorgan Chase within the cyber and tech controls line of business, you are an integral part of a team that works to develop high-quality cybersecurity solutions for various software applications on modern cloud-based technologies. As a core technical contributor, you are responsible for carrying out critical cybersecurity architecture solutions by identifying, creating, and communicating risk, mitigation options, and solutions across multiple technical areas within various business functions in support of project goals.

Job responsibilities

• Engages (hands-on) in managing endpoint security for the entire JPMC's server estate which powers some of the most innovative business applications in the financial industry globally
• Utilizes a deep understanding of the threat landscape and risk to build security into products and new features
• Partners with and advise engineering, product, and risk teams on security best practices and help shape the endpoint security strategy for the firm
• Works with vendors to escalate problems and receive timely resolutions
• Enables product strategy and keep the firm safe by analyzing complex data systems, anticipating problems, and finding ways to mitigate risk
• Engages technical teams and business stakeholders to discuss and propose technical approaches to meet current and future cybersecurity needs
• Defines the technical target state of their cybersecurity product and drives achievement of the strategy
• Identifies opportunities to eliminate or automate remediation of recurring issues to improve overall cybersecurity of software applications and systems
• Leads evaluation sessions with external vendors, startups, and internal teams to drive continuous improvement and assess cybersecurity design and technical credentials for use in existing systems and architecture
• Leads communities of practice to drive awareness and use of new and leading-edge cybersecurity technologies
• Adds to team culture of diversity, equity, inclusion, and respect

• Formal training or certification on cybersecurity architecture concepts and 5+ years applied experience
• Solid experience in managing endpoint security in enterprise environments (Managing Anti-Virus, EDR, Creating and reviewing hardening baselines for Windows, Mac OS and Red Hat Linux servers, configuration drift management)
• Good understanding of industry frameworks like MITRE ATT&CK, NIST, CIS etc.
• Hands-on experience with infrastructure attacks, including familiarity with red teaming techniques, tradecrafts and tools.
• Ability to make informed decisions related to risks, exclusions and assess scenarios from an attack-centric approach
• Demonstrable development/scripting/automation experience in at least one of Java, Python, Go, PowerShell
• Ability to lead and drive meetings with global teams when there is a need
• Hands-on practical experience delivering enterprise-level cybersecurity solutions and controls
• Proficiency in automation and continuous delivery methods
• Practical cloud native experience
• Experience effectively communicating with senior business leaders

• Offensive Security skills such as Penetration Testing and/or Security certifications from reputed bodies
• Knowledge in public cloud environments such as AWS and any relevant certifications
• Prior experience in Threat Modeling
• Experience with usage of SIEM tools
• Thorough knowledge of network protocols
• Willingness to learn and drive to excel